Armchair Architects: Secure Software Development Lifecycle (pt 1)

The secure software development cycle (SDLC) emphasizes integrating security at every stage of development, rather than as an afterthought. In this episode of the Armchair Architects (part of the Azure Essentials Show), our trio of architects discuss key points of SDLC, including the concept of shift left, secure by design, training and tools, and AI assistance. In this video, you’ll also hear them discuss the importance of early security integration, and practical examples of secure coding practices. Be sure to catch part two of this conversation at https://aka.ms/AzEssentials/185.

Resources
• Develop secure applications on Azure https://learn.microsoft.com/azure/sec...
• Practical advice for securing secrets across the SDLC https://learn.microsoft.com/devsecops...
• Recommendations for securing a development lifecycle (WAF) https://learn.microsoft.com/azure/wel...

Related Episodes
• Armchair Architects: Secure Software Development Lifecycle (pt 2) https://aka.ms/AzEssentials/185
• Watch all the Armchair Architects episodes https://aka.ms/ArmchairArchitects
• Watch the Azure Essentials Show https://aka.ms/AzureEssentialsShow


Connect
• Ulrich (Uli) Homann   / ulrichhomann  
• Eric Charran   / ericcharran  
• David Blank-Edelman   / dnblankedelman  

Chapters
0:00 Introduction
1:13 Eric defines Shift Left
2:21 Secure by design
3:04 The Internet changed everything
4:27 Static Application Security Testing
6:23 Dynamic Application Security Testing
7:13 Examples
8:17 SAST methods
8:46 DAST methods
10:21 What’s in part 2